Invalid Oauth State. Please Try Again

Introduction to OAuth

OAuth back up is required in all Plaid integrations. Without OAuth back up, your end users volition not exist able to connect accounts from institutions that require OAuth. This guide demonstrates how to implement OAuth in your Plaid integration.

OAuth is an industry-standard protocol for authenticating and permissioning data to third parties. With OAuth, finish users can grant third parties access to their data without sharing their credentials directly with the third party.

Typically, end users authenticate and permission information directly within Plaid Link when connecting their financial accounts to third political party applications. With OAuth, yet, terminate users temporarily leave Link to authenticate and permission data using the institution's website or mobile app instead. Afterward, they're redirected back to Link to consummate the Link flow and return control to the third party awarding.

A typical OAuth flow with Plaid Link

In addition, Plaid integrations with OAuth have several benefits over the traditional, non-OAuth experience in Link, such as:

• Familiar and trustworthy experiences With OAuth, end users authenticate via the banking concern'due south website or mobile app, a familiar feel that tin help with conversion.

• Streamlined login experiences Some OAuth-enabled institutions (e.k., Chase) provide an "App-to-App" experience for end users if the end user has the institution's mobile app installed on their device. App-to-App can provide alternative authentication methods to end users (eastward.g., Touch ID or Face ID) that can help simplify and advance the authentication procedure.

• Greater connection uptime Y'all can mostly look greater connexion uptime with OAuth-enabled institutions, which means fewer connection errors for terminate users when using Plaid Link.

• Longer-lived connections Items at OAuth-enabled institutions by and large remain continued longer. This typically results in fewer re-authentication errors (e.g., ITEM_LOGIN_REQUIRED).

• Improved MFA (multi/second-factor) support OAuth-enabled institutions tin can support finish user accounts that may be currently unsupported due to the end user'due south MFA settings.

OAuth support and compatibility

Plaid supports the OAuth2 protocol. For a full list of Plaid integrations that use OAuth, call the /institutions/go endpoint with your desired country_codes and the oauth option set to true. The response for all institutions includes an oauth field, which indicates whether or not Plaid uses OAuth to authenticate users for that institution.

Some institutions are in the process of converting from non-OAuth flows to OAuth-based flows. These institutions will have multiple records available to institutions endpoints, with one representing the OAuth version of the institution and one representing the non-OAuth version.

All OAuth flows are backwards-compatible with non-OAuth flows, every bit well as with avant-garde Link flows such every bit Returning User Feel, Instant Lucifer, and micro-deposit based verification. You can safely implement OAuth at whatsoever time without impacting non-OAuth institutions.

Prerequisites for implementing OAuth

Ensure yous have implemented Link tokens

OAuth requires the use of Link tokens. If you are using a legacy implementation with public keys rather than Link tokens, see the Link token migration guide.

Request Production access from Plaid

Production admission is a prerequisite for implementing OAuth. Plaid volition contact you once your business relationship has been enabled for Production.

In the United states of america and Canada, OAuth requires Product admission; you cannot connect to US OAuth institutions in the Development environment without having received both OAuth approval and Production blessing. You tin, however, test OAuth in the Sandbox surround, using Sandbox-but institutions, without needing Production approving.

Complete the registration requirements

Before implementing OAuth, exist sure to complete the registration requirements in the Plaid Dashboard.

• Application brandish information – This is public information that end users of your application will run into when managing connections between your awarding and their bank accounts, including during OAuth flows. This information helps end users empathize what your application is and why it is requesting access, which tin can ameliorate conversion. In addition, some The states institutions require your contour to exist completed and volition not let apps with an empty profile to access their OAuth implementations.

• Company data – Information nearly your visitor. This data is not shared with end users of your application and is only accessible to Plaid, members of your team, and financial institutions you register with.

• Plaid Primary Services Agreement – (US/CA merely) Your latest contract with Plaid. If this is marked equally incomplete, please reach out to your account manager for an updated version.

• Plaid security questionnaire – (Us/CA only) You must complete a questionnaire near your company'south risk and security practices earlier accessing certain bank APIs.

Considering OAuth back up requires client-side changes, we recommend implementing OAuth support fifty-fifty earlier your account has been enabled for OAuth, particularly if integrating with mobile SDKs, in order to allow sufficient fourth dimension for app approving and distribution.

Implementing OAuth

Required steps

1. Create and register a redirect URI

2. Generate a Link token and configure it with your redirect URI

3. Reinitialize Link at your redirect URI

4. Wait for OAuth approving from Plaid, which tin can be tracked on the OAuth institution page.

5. Empathise establishment-specific behaviors and, if necessary, update your app to support them. For details, meet the "Banking company-Specific Documentation" section of the OAuth Guide on the Plaid Dashboard.

Recommended, optional steps

1. Handle Link OAuth events

2. Listen for consent expiration webhooks

3. Manage consent revocation

4. (United states of america/CA but) Enable OAuth and migrate users

5. (Europe just) Enable QR Lawmaking hallmark

Create and register a redirect URI

After successfully completing the OAuth menstruum via their bank'southward website or app, yous'll need to redirect the stop user back to your application. This is achieved with a redirect URI that yous'll demand to fix and configure accordingly depending on your client platform.

Redirect URIs and HTTPS

Redirect URIs must use HTTPS. The just exception is on Sandbox, where, for testing purposes, redirect URIs pointing to localhost are allowed over HTTP. Custom URI schemes are non supported in any environment. Subdomain wildcards are supported using a * character. For example, adding https://*.example.com/oauth-page.html to the allowlist permits https://oauth1.example.com/oauth-page.html, https://oauth2.instance.com/oauth-page.html, etc.

Desktop web, mobile web, React, or Webview

For desktop web, mobile web, or React, the redirect URI is typically the address of a bare web page you'll need to create and host. This web folio will be used to permit the end user to resume and consummate the Link menses afterwards completing the OAuth flow on their bank'due south website or app. https://instance.com/oauth-page.html is an instance of a typical redirect URI. After creating your redirect URI, add together information technology to the Allowed redirect URIs.

iOS SDK, React Native (iOS)

For iOS SDK or React Native (iOS), the redirect URI is typically the accost of a blank web page yous'll demand to create and host. You'll demand to configure an Apple App Association File to acquaintance your redirect URI with your awarding. To enable App-to-App authentication flows, yous'll need to register the redirect URI as an app link. Custom URI schemes are not supported; a proper universal link must be used.

Android SDK, React Native (Android)

Annals your Android parcel by adding the Android bundle name(s) to the Allowed Android package names listing. Plaid volition automatically create your redirect URI and its contents based on your packet name. When specifying a redirect URI in the following steps, you will utilize android_package_name .

Configure your Link token with your redirect URI

OAuth support requires use of Link tokens. The legacy client-side settings oauthRedirectUri and oauthNonce are ignored and will not exist read. If y'all are still using a legacy public key, see the Link token migration guide.

To implement OAuth, you lot'll demand to specify your redirect URI via the redirect_uri field when generating a Link token with /link/token/create (on Android, utilize the android_package_name parameter to provide your Android bundle name instead). Use this Link token to initialize Link.

If y'all're using Link in update mode, ensure y'all specify your redirect URI via the redirect_uri field (on Android, use the android_package_name parameter to provide your package proper noun instead).

Exercise non use query parameters when specifying the redirect_uri. Make sure to specify the user.client_user_id.

Select group for content switcher

Using OAuth inside an iFrame

Launching Link from within an iFrame is not recommended. Link conversion for OAuth institutions is typically up to 15 percentage points higher when using Plaid's SDKs than when using iFrames. If Link is launched from within an iFrame, you'll be unable to maintain user state. Folio rendering, sizing, and data exchange may also exist suboptimal.

Reinitializing Link

After completing the OAuth flow, the end user will be redirected to your redirect URI (e.g., https://example.com/oauth-page.html). This is where they'll resume and consummate the Link catamenia and render to your application. To do this, you'll demand to reinitialize Link at your redirect URI.

Depending on your customer platform, Link may require boosted configuration to piece of work with OAuth. Detailed instructions for each platform are provided below.

Client platform	Link reinitialization required?
Desktop web	No
Mobile web	Yes
Webview	Yes
iOS SDK (version 2.1.ii or afterwards required)	Yes
React Native (iOS)	Yes
Android SDK (version three.2.iii or later required)	No, but app packet registration required
React Native (Android)	No, simply app package registration required

Desktop web, mobile web, or React

A reference implementation for OAuth in React can be plant in the Plaid React GitHub. If you are looking for a demonstration of a real-life app that incorporates the implementation of OAuth in React see Plaid Blueprint, a Node-based instance app.

For desktop spider web, mobile web, or React, you'll need to launch Link twice, once before the OAuth redirect (i.e., the kickoff Link initialization) and once after the OAuth redirect (i.due east., Link reinitialization). The Link reinitialization should occur at your redirect URI.

When reinitializing Link, configure it using the aforementioned Link token you used when initializing Link the first time. It is up to you to determine the all-time way to provide the correct link_token upon redirect. Every bit an case, the code sample below demonstrates the use of a browser's local storage to retrieve the Link token from the first Link initialization.

Select group for content switcher

In addition, when reinitializing Link, y'all should configure it with the receivedRedirectUri field and pass in the full received redirect URI, every bit demonstrated in the code sample. The received redirect URI is your redirect URI appended with an OAuth country ID parameter. The OAuth state ID parameter will allow yous to persist user state when reinitializing Link, assuasive the end user to resume the Link menses where they left off. No extra configuration or setup is needed to generate the received redirect URI. The received redirect URI is programmatically generated for you past Plaid later on the end user authenticates on their bank'due south website or mobile app. You lot can retrieve information technology using window.location.href.

The received redirect URI must not contain whatever actress query parameters or fragments other than what is provided upon redirect. The standard Link callback onSuccess will exist triggered as usual once the user completes the Link menstruum.

Optional methods for retrieving the initial Link token

If Link is reinitialized in the same browser session as the first Link initialization, you tin can shop the Link token in a cookie or local storage in the browser for easy access when reinitializing Link. For instance, the Plaid Quickstart uses localStorage.setItem to store the token.

If Link is reinitialized in a different browser session than the first Link initialization, you lot can store a mapping of the Link token associated with the user (server-side). Upon opening the second browser session, authenticate the user, fetch the respective Link token from the server, and use information technology to reinitialize Link.

Redirect URIs and desktop web

OAuth flows will role properly on desktop spider web even if you don't fix a redirect URI.
Even so, for users on mobile web, if the cease user has the bank's app installed, and the institution supports App-to-App, non providing a redirect URI will preclude the higher-converting App-to-App OAuth catamenia from being used and will instead road users to the mobile web flow. To provide a robust experience for end users on mobile web, always specify a redirect URI and reinitialize Link.

Webview

For webview, yous'll need to launch Link twice, once before the OAuth redirect (i.e., the beginning Link initialization) and once later the OAuth redirect (i.due east., Link reinitialization). The Link reinitialization should occur at your redirect URI.

For the initial Link instance, starting time generate a Link token as described in Configure your Link token with your redirect URI, and then set up Link's token parameter to this Link token. After the end user successfully completes the OAuth catamenia via their banking company's website or app, they'll be redirected to your redirect URI, where y'all'll reinitialize Link.

When reinitializing Link, use the same Link token y'all generated when yous first initialized Link. It is up to you to determine the best way to provide the correct link_token upon redirect.

In addition, when reinitializing Link, yous should configure it with the receivedRedirectUri field. The received redirect URI is your redirect URI appended with an OAuth land ID parameter. The OAuth state ID parameter will allow you to persist user state when reinitializing Link, allowing the end user to resume the Link flow where they left off. No extra configuration or setup is needed to generate the received redirect URI. The received redirect URI is programmatically generated later the stop user authenticates on their banking concern'south website or mobile app. The received redirect URI must not contain whatever extra query parameters or fragments other than what is provided upon redirect.

iOS

A consummate client implementation of OAuth for both Swift and Objective-C can be constitute in the Plaid Link for iOS sample app, within the AppDelegate+OAuthSupport and ViewController components.

Using OAuth with the Link iOS SDK requires LinkKit version 2.1.ii or after.

For the initial Link case, start generate a Link token as described in Configure your Link token with your redirect URI. Your redirect_uri must also be added to the Plaid dashboard and should exist configured as a universal link (non a custom URI) using an Apple App Association File.

OAuth on iOS devices can occur fully inside the integrating application (In-App OAuth), or information technology can include a transition from your application to the bank'due south app (App-to-App OAuth). App-to-App OAuth is initiated by the banking concern itself and is not controlled past the iOS SDK. In order to ensure your users can return to your application, you must support App-to-App OAuth.

App-to-App OAuth requirements

During App-to-App OAuth, the cease user is directed from your awarding to the bank's app to authenticate. To return the cease user back to your application after they authenticate, your redirect URI must exist a universal link. Once the user returns to your app, UIKit will invoke a method within your application and provide the redirect URI that triggered this return to the app.

The iOS SDK requires this redirect URI to exist passed to its continue(from:) API in society to go along OAuth. Without this call, the SDK will non know whether the OAuth catamenia has completed and will therefore not update the UI. Add the post-obit code to either your awarding delegate's func application(_:, continue:, restorationHandler:), or to your scene delegate'south func scene(_:, continue:) part:

App-to-App behavior tin exist tested in the Sandbox environment. If App-to-App does not function equally intended, verify that the go along(from:) API is being chosen past setting a breakpoint on the function call. If the breakpoint is not striking, validate that the redirect URI used to configure Link is a valid universal link and that your awarding has the associated-domains entitlement for that URI.

When contacting Plaid Support for help with App-to-App OAuth bug, you lot may be asked to provide the value you laissez passer to the keep(from:) API. This can be constitute past setting a breakpoint as described higher up, and logging the value of the parameter to LLDB (due east.thou. $ po redirectUri.absoluteString()).

React Native on iOS

Using OAuth with the Plaid React Native SDK for iOS requires version vi or later on of the SDK.

React Native on iOS uses universal links for OAuth, and the following code is required in the AppDelegate in the native iOS code:

This code block informs the React Native Linking library when the application is opened through a universal link. The React Native Plaid Link SDK volition correctly continue OAuth when the application is opened through the registered universal link.

Handling universal links within React Native

The PlaidLink component handles Universal Links past default. For integrations that use PlaidLink.openLink, Universal Links will non exist handled by default. The useDeepLinkRedirector hook must be invoked by the component that calls PlaidLink.openLink.

Android SDK and Android on React Native

You won't demand to reinitialize Link at a redirect URI when using Android SDK or Android on React Native, but you must generate a Link token by calling /link/token/create and passing in an android_package_name. Your parcel name (e.1000., com.example.testapp) must too be added to the Plaid dashboard. Do not pass a redirect_uri into the /link/token/create telephone call. Go along to initialize Link with the generated token.

Select group for content switcher

Testing OAuth

You can test OAuth on Sandbox fifty-fifty if Plaid has non nevertheless enabled OAuth flows for your account. To test out the OAuth flow in the Sandbox surround, y'all can use Platypus OAuth Banking concern (ins_127287), Platypus OAuth App2App Bank (ins_132241), or to emulate European flows, Flexible Platypus Open Cyberbanking (ins_117181). These dummy institutions direct you lot to a Plaid sample OAuth catamenia that is similar to what y'all would meet for a depository financial institution's OAuth flow. When prompted, you can enter anything as credentials (including leaving the input fields blank) to proceed through the sample OAuth period. Note that institution-specific OAuth flows cannot be tested in Sandbox; OAuth panes for Platypus institutions will exist shown instead.

Different other Sandbox institutions, Platypus institutions practise not support custom Sandbox data or programmatically creating Items via /sandbox/public_token/create .

You lot can too test several different types of OAuth flows in Sandbox and Development. By specifying a redirect_uri, the electric current page will be redirected to the banking company's website. Past omitting the redirect URI, the banking concern'southward website will open in a new window. When testing in a mobile app with your redirect_uri set to a universal link, the Platypus OAuth App2App Bank (ins_132241) volition allow you to examination having a user complete authentication in a new app and being directed back to your app upon handoff.

In Production, Link will select the type of OAuth flow that results in the best conversion regardless of the value of redirect_uri. It is still strongly recommended to specify a redirect_uri to support college-converting App-to-App flows.

To ensure your OAuth integration works across all platforms, exam information technology in the post-obit scenarios before deployment:

• On each client platform that is available to your users (e.g. desktop, iOS app, iOS mobile spider web, Android app, Android mobile spider web)
• With the OAuth establishment app installed, for institutions that support app-to-app authentication (e.grand. Chase)
• Without the OAuth institution app installed
• In update mode, by using /sandbox/particular/reset_login in the Sandbox environs

Troubleshooting common OAuth issues

If your OAuth integration is not working correctly, bank check the following common configuration bug before contacting Support:

• Ensure your redirect URI is configured in the Plaid Dashboard
• For spider web, iOS SDK, or React Native iOS integrations, ensure the redirect_uri parameter is gear up in the /link/token/create telephone call for all Link sessions, including Link in update mode
• For Android SDK integrations, ensure that your Android parcel proper name is registered in the Plaid Dashboard and that the android_package_name parameter is gear up in the /link/token/create call for all Link sessions, including Link in update mode
• For iOS SDK integrations, check that the redirect URI has been associated with an Apple App Association file, that your awarding has the associated-domains entitlement for that URI, and that you are calling proceed(from:) in your application
• For React Native integrations, bank check the above for iOS and Android and ensure yous are using the useDeepLinkRedirector hook

For a more detailed guide to specific OAuth problems, see Link troubleshooting.

Enabling OAuth and migrating users

Your integration will automatically convert to using OAuth connections for a given establishment on the date that Plaid has indicated to you. Y'all may too have the option to migrate to OAuth earlier; if this option is available, a button to enable OAuth for the institution volition announced on the OAuth establishment folio.

Your existing Items with the institution existence migrated volition automatically be moved into the ITEM_LOGIN_REQUIRED state. This will happen gradually over a migration period (past default, 90 days, merely the duration may vary depending on the institution), starting on or shortly after the OAuth enablement appointment. Completing the update mode flow for these Items will catechumen them to use OAuth connections. To avoid any disruption in connectivity, you tin besides prompt your users to complete the update style menstruation as shortly every bit you have been enabled for OAuth with their institution.

Handling Link events

OAuth flows have a different sequence of Link events than non-OAuth flows. If you are using Link events to measure conversion metrics for completing the Link process, you may demand to handle these events differently when using OAuth.

In add-on, the flow itself may be different if yous are calling OAuth with a redirect URI or displaying the OAuth screen in a split popular-up window.

The events fired for a non-OAuth flow might look something like this:

The events fired for a typical OAuth menstruum may await more like the post-obit:

Observe that there is yet a SUBMIT_CREDENTIALS event, even in the OAuth flow. As well annotation that when the user returns from completing the OAuth flow at their financial institution, Link fires a second SELECT_INSTITUTION effect.

In most situations, if Plaid encounters an fault from the bank's OAuth flow, or if the user chooses to not grant access via their OAuth login try, the user volition return to your application and Link will burn an EXIT upshot with a requires_oauth exit condition. You may also encounter an Mistake issue, depending on the type of mistake that Plaid encountered.

If the user closes the bank's OAuth window without completing the OAuth flow, Link will burn down a CLOSE_OAUTH outcome. This but happens in situations where the OAuth catamenia appears in a pop-up window.

If the OAuth flow times out while waiting for the user to sign in, Link will fire a FAIL_OAUTH event. This but happens in situations where the OAuth flow appears in a pop-up window.

In one case you receive the onSuccess callback from an OAuth menstruum, the integration steps going frontwards are the same as for not-OAuth flows.

Refreshing Particular consent

Some institutions require users to periodically re-affirm their consent to avoid Item expiration. When using OAuth, stop users may need to refresh their admission-consent after a certain amount of time.

To determine when a user will need to re-authenticate, make a request to the /item/get endpoint and note the consent_expiration_time field. Plaid volition too send a PENDING_EXPIRATION webhook one week before a user'due south access-consent is ready to expire. In club to continue receiving data for that user, ensure they re-authenticate via update mode prior to that date. When using Link in update mode, exist certain to specify your redirect URI via the redirect_uri field as described in Configure your Link token with your redirect URI.

Managing consent revocation

Many institutions that back up OAuth provide a ways for the finish user to revoke consent via their website. If an end user revokes consent, the Item will enter an ITEM_LOGIN_REQUIRED state afterwards approximately 24-48 hours. Nosotros recommend giving the user an opportunity to either verify that they intended to remove the Particular or to indicate that they did not mean to revoke access. If the user verifies that they meant to remove the Item or does not respond after a few days, delete the Item and associated information. If the user did not hateful to revoke access, they tin can re-authorize access by going through the standard update style menses.

Institutions that support OAuth may also provide the end user the ability to revoke consent for a single business relationship, without revoking consent for the entire Item. Accounts in this situation are treated the same equally accounts that take been closed: no webhook will be fired, y'all volition cease receiving transactions associated with the account, and Plaid volition end returning the account in API responses. Access can be re-authorized via the update mode flow.

When using Link in update fashion (for either case described in this department), be sure to specify your redirect URI via the redirect_uri field as described in Configure your Link token with your redirect URI.

Partial consent

OAuth tin provide the ability for end users to configure granular permissions on their Items. For example, an finish user may allow access to a checking account but not a credit bill of fare business relationship behind the aforementioned login, or may allow an institution to share simply certain account data, such equally identity data but not transaction history. If an end user chooses not to share data that is required by your Link token'southward products configuration, or does not share admission to any accounts, the Link endeavor will fail. In this case, they will need to restart the Link catamenia.

Note that if your app calls /link/token/create using an account_filter parameter to limit the account types that can be used with Link, the filter will only be applied afterward the OAuth flow has been completed and will not affect the permission selection interface within the OAuth menstruum.

If your app after needs to asking access to a product or account that was not originally granted for that Detail during Link, y'all can send the user to the update mode flow to authorize additional permissions. When using Link in update way, exist sure to specify your redirect URI via the redirect_uri field every bit described in Configure your Link token with your redirect URI.

App-to-App hallmark

Some banks (due east.chiliad. Hunt) support an App-to-App experience if the user is authenticating on their mobile device and has the bank'southward app installed. Instead of logging in via the bank'southward site, the bank's app volition be launched instead, from which the user will be able to log in (including via TouchID or Face ID) before existence redirected back to your app. Support for App-to-App should be automatic one time yous have implemented back up for OAuth on mobile. Notation that on iOS, this requires configuring an Apple tree App Association file to acquaintance your redirect URI with your app, as described nether Create and register a redirect URI.

The total App-to-App flow can be tested in the Sandbox environment. You can test that your universal link works correctly using the Platypus OAuth App2App Banking company (ins_132241) examination institution. The depository financial institution's 'app' for this test institution will exist a mobile spider web browser, but the universal link will function equally expected if configured correctly, switching back to your app on handoff.

QR code authentication

For many European institutions, Plaid supports the ability for an end user to authenticate via their bank's mobile app – fifty-fifty if the user'due south journey begins in a desktop-based web session – in gild to optimize for conversion. Later on the user selects an establishment, they will exist presented with the option to scan a QR code and authenticate in the bank'southward mobile app or to continue on desktop. When the user scans the QR code, they will be redirected to the bank's app (or website, if the user does non have the app installed). After the user completes the OAuth flow, they volition be redirected to a Plaid-owned page instructing them to return to their desktop to complete the flow.

To enable QR hallmark, contact your Plaid account manager or file a Support ticket. No changes to your Link OAuth implementation are required to enable this flow.

To test out the QR lawmaking flow in the Sandbox environment, you can use Flexible Platypus Open Banking (ins_117181). When y'all launch Link with this establishment selected in Sandbox, the QR code hallmark menses will exist triggered. The Sandbox institution does not straight you lot to a real bank'south mobile app, simply allows you to grant, deny, or simulate errors from the placeholder OAuth page instead.

Supported institutions for QR code authentication

Institution proper noun	Institution ID
Bank of Scotland - Personal	ins_118274
Banking company of Scotland - Business concern	ins_118276
Barclays (United kingdom of great britain and northern ireland) - Mobile Banking: Business	ins_118512
Barclays (United kingdom) - Mobile Cyberbanking: Personal	ins_118511
Barclays (UK) - Mobile Cyberbanking: Wealth Management	ins_118513
First Direct	ins_81
Halifax	ins_117246
HSBC (Britain) - Business organization	ins_118277
HSBC (UK) - Personal	ins_55
Lloyds Bank - Business and Commercial	ins_118275
Lloyds Bank - Personal	ins_61
Monzo	ins_117243
Nationwide Building Society	ins_60
NatWest - Electric current Accounts	ins_115643
Revolut	ins_63
Royal Depository financial institution of Scotland - Current Accounts	ins_115642
Santander (U.k.) - Personal and Business	ins_62
Starling	ins_117520
Tesco (UK)	ins_118393
TSB	ins_86
Ulster Bank (UK)	ins_117734

girdlestonehaversidne.blogspot.com

Source: https://plaid.com/docs/link/oauth/

Share this post